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The present invention relates to a method of 
conducting transactions and in particular to a method of 
conducting transactions, such as financial transactions, by 
means of a self service . terminal (SST) . 

Self service terminals (SSTs) , such as automated 
teller machines (ATMs) , are commonly used to conduct a wide 
range of transactions, particularly financial transactions. 

To ensure security of these transactions, and to prevent 
unauthorised access to a user's account, some form of 
identification process is generally necessary to allow a 
transaction to be authorised. For example, an ATM may 
require a user firstly to claim an identity, with a smart 
card or similar identification token, and then to verify 
that identity by entering a personal identification number 

(PIN) or the like.- Alternatively, - biometrics 

identification can be used; for example, fingerprint or 
voice recognition, or the like. 

While these measures do provide security to the user, 
they generally also require the user to personally attend 
the ATM to conduct the desired transaction. While ATMs are 
more convenient for many users than the alternative of 
visiting a bank branch during opening hours, many other 
users are not always able to visit an ATM in person; for 
example, the elderly or infirm, the housebound, the 



hospitalised, those who live in remote areas, or simply 
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those with busy lifestyles with insufficient time to visit 
an ATM. Such persons can at present only rely on a third 
party to visit an ATM on their behalf, having first given 
the party the user's identification token (such as a smart 
5 card) , and their PIN. This can lead to security lapses, as 
others become aware of a user's PIN, and is in fact 
strongly disapproved of by ATM operators. In addition, 
there is no way of ensuring that the third party conducts 
the desired transaction and not an alternative (for 

10 example, withdrawing additional cash beyond that which is 
authorised) . Furthermore, once the third party is made 
aware of the user's PIN, there is no way of ensuring they 
do not subsequently perform additional unauthorised 
transactions, as they cannot be made to forget the PIN . 

15 It is among the objects of embodiments of the present 

invention to obviate or" alleviate these and other- 
disadvantages of known transaction authorisation methods. 

According to a first aspect of the present invention, 
there is provided a method of conducting a transaction via 

20 a self service terminal (SST) , the method comprising the 
steps of: 

encrypting transaction data stored in a first device, 
the data including security identification information; 

transferring the encrypted data to a device of a third 
25 _P^ r ty; 



allowing the third party to transfer the encrypted 




data to an SST; and 

allowing the SST to decrypt the data, verify the 
security identification information, and execute the 
transaction . 

5 Thus, using the present invention a user may for 

example encrypt data representing a transaction together 
with their identification token (a "digital signature"), 
and transfer the encrypted data to a device held by an 
authorised third party. As used herein, "device" is 

10 intended to refer to any device capable of storing, 
transferring, and receiving data; for example, a palmtop 
computer or the like. As the third party will be unable to 
decrypt the data themselves, they will not be able to 
determine the user's identification token, and so will be 

15 unable either to re-use the identification token or to 

perform unauthorised acts with the identification token. 

The decryption and execution steps of the transaction are 
carried out by the SST, either locally or in communication 
with a remote SST operator server. 

20 Preferably the encryption step is performed using a 

portable, and preferably handheld, data processing device; 
for example, a handheld or palmtop computer, a personal 
digital assistant (PDA), a mobile telephone, or the like. 

The transfer steps to the device of the third party 

25 and to the SST may be performed by one or more of wireless 
application protocol (WAP) technology, x Bluetooth' wireless 
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technology or the like, email, radio, infra-red or other 
electromagnetic communications means, or by a physical data 
transmission connection (for example, fibre optic or 
electrically conductive data transfer cables) . Most 
5 conveniently the third party may receive and store the data 
on a portable or handheld data processing device; commonly 
such devices are equipped with local data transfer ports, 
such as infra-red transceivers, or in the case of mobile 
telephones, connections to a mobile telecommunications 
10 network. 

Preferably the SST communicates with a remote data 
processing device to allow decryption, verification, and 
execution of the transaction. For example, the 

verification of the claimed identity may require comparison 

15 of the identity with a central database; similarly, 
execution of the transaction may require the SST to confirm 
with a central operator that sufficient funds are available 
in a user's account, or the like. Naturally, any or all of 
these steps may instead be conducted locally by the SST 

20 itself. 

Conveniently the transaction data includes data 
signifying one or more of the value, place, time, number of 
allowable repetitions, or other information regarding the 
transaction. For example, a user may authorise a third 
2 5 party to wit h draw som^c^rrency on their beha lf only if the 
transaction is executed within a certain time period from 
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the authorisation being given; or within a certain limited 
area. Further, a transaction may be authorised to be 
conducted say ten times only on a user's behalf; subsequent 
attempts to execute the transaction will be unsuccessful. 
5 The third party may be an individual, for example a 

friend or assistant of the user; or may be an organisation 
or group of people. Thus, an organisation may provide a 
service to users of conducting transactions on their 
behalf, perhaps in return for some financial or other 

10 consideration. 

The method may further comprise the step of 
transferring transaction confirmation data from the SST to 
the third party; and may still further comprise the step of 
transferring the transaction confirmation data from the 

15 third party to a user. Thus, the third party may be able 
to demonstrate to the user that* the transaction has been 
completed, if desired. 

The method may further comprise the intermediate step 
of transferring the transaction data to further third 

20 parties prior to transferring the transaction data to the 
SST; in this way, if the original third party is unable to 
conduct the transaction, they may authorise further third 
parties to do so on their behalf. Alternatively, or in 
addition, the transaction data may also include data 

25 de termining which third party is permitted to transfer th e 
data to the SST; thus, only a specific third party may 
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execute the transaction, identified by, for example, 
possession of a particular device or a personal 
identification number (PIN) or code word, which may be 
specific to a single transaction, a group of transactions, 
5 or a particular third party. 

According to a second aspect of the present invention, 
there is provided a method of conducting a transaction via 
a self service terminal (SST) , the method comprising the 
following steps : 
10 receiving on a device encrypted transaction data from 

a device of a third party, the data including security 
identification information; 

transferring the encrypted data from the receiving 
device to an SST; and 
15 allowing the SST to decrypt the data, verify the 

security "identification information, and execute the 
transaction . 

According to a further aspect of the present 
invention, there is provided a method of conducting a 
20 transaction via a self service terminal (SST) , the method 
comprising the following steps : 

receiving at an SST from a user encrypted transaction 
data, the data including security identification 
information; 
25 decrypting the transaction data; 



verifying the security identification information; and 
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executing the requested transaction. 

According to a still further aspect of the present 
invention, there is provided a method of operating a 
financial service, the method comprising the steps of : 
5 providing a user with an encryption key and an 

identification token for use with a user device; 

providing a self service terminal (SST) with a 
corresponding decryption key; 

accepting encrypted transaction data including the 
10 identification token from a device of a third party; 

decrypting the transaction data; 

verifying the decrypted identification token; and 
executing the requested transaction. 

According to a yet further aspect of the present 
15 invention, there is provided a method of using a financial 

- service, the method comprising the steps" of : - - - 

encrypting using a device transaction data and an 
identification token with an encryption key; and 

presenting the encrypted data to a financial service 
20 operator via a device of a third party. 

According to a still further aspect of the 
present invention, there is provided a method of purchasing 
goods or services, the method comprising the steps of: 

encrypting transaction data stored in a first device, 
25 the data including security identification information; 



transferring the encrypted data to a device of a third 
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party; 

allowing the third party to transfer the encrypted 
data to a merchant or service provider; and 

allowing the merchant or service provider to decrypt 
5 the data, verify the security identification information, 
and execute the transaction. 

This aspect of the invention may be used, for 
example, to authorise a third party to purchase goods or 
services from a shopkeeper or other merchant without 
10 providing unrestricted access to the purchasing account. 
'Transfer of encrypted data to a merchant' may of course 
involve transferring the relevant data to a merchant's till 
or other device. 

These and other aspects of the present invention will 
15 now be described by way of example only and with reference 
to the accompanying drawing, which shows a block diagram "of 
a typical transaction conducted in accordance with the 
present invention . 

The Figure shows a schematic diagram of a typical 
20 transaction in accordance with an embodiment of the present 
invention, and the involved individuals or components 
thereof. The transaction involves a self service terminal 
(SST) 12, which is connected to and operated by a remote 
operator 14, for example, a bank or other financial 
25 institution. The operator 14 ..has as a client a user 16, who 
wishes to conduct a transaction using the SST 12. However, 
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the user 16 is unable to pay a visit to the SST for 
whatever reason, and so must enlist the assistance of a 
third party 18 . 

When the user 16 initially became a client of the 
5 operator 14, the operator 14 provided the user 16 with two 
items of data: firstly, a unique identification token, in 
the form of a customer number; and secondly an encryption 
key which may be used to securely encrypt data. Details of 
the identification token are also retained by the operator 
10 14, as is the corresponding decryption key, so that the 
operator 14 is able to decrypt data encrypted by the user 
16 . 

The user 16 stores these items of data on their 
personal digital assistant, PDA, or other handheld 

15 electronic device, such as a mobile phone or the like.- 
When "the user "16 "wishes to" conduct" an ATM transaction, they 
enter details of the transaction onto their PDA - for 
example, a cash withdrawal of 250 euros, to be performed 
within the next 24 hours. The PDA then combines this 

20 transaction data with the user's identification token, and 
encrypts the combined data. 

User 16 then places their PDA in communication with a 
corresponding device owned by the third party 18; for 
example, typical PDAs are able to transfer data locally by 

2 5 means of infra- red communications ports; or a mobile 
telecommunications network or the like may be used instead. 
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An icon will then be displayed on the third partyDs PDA 
denoting that a transaction is to be performed; the icon 
may indicate the currency value of the transaction, and the 
user's name; however, lacking the decryption key, the third 
5 party will be unable to access any other details of the 
transaction, or to access or copy the user's identification 
token . 

The third party 18 subsequently makes their way to an 
SST 12 at a time convenient to them. The PDA is placed in 

10 communication with the SST 12 (for example, again making 
use of infra-red communications ports or the like) , and the 
encrypted transaction data is transferred to the SST 12. 

The SST 12 then passes this data to the central SST 
operator 14 (or an alternative remote server or the like) , 

15 which holds the identification token and the decryption 
key". The data is "firstly decrypted, ~ and the identification- 
token confirmed as genuine, and corresponding to that 
particular encryption key. Confirmation of successful 
identity confirmation is then transferred back to the SST 

20 12, together with the decrypted transaction data. The SST 
12 is then able to execute the requested transaction, and 
dispenses 250 euros to the third party 12, provided the 
operation is performed within the specified time period. 

If desired, the SST 12 can then transfer a 

25 c onfirmat i on of the tra nsaction back to the third party 18, 
who is subsequently able to confirm to the user 16 that the 
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desired transaction has been performed. This feature may- 
be of particular use when transactions are requested which 
do not result in the dispensing of cash or other media 
items; for example, transfer of funds between accounts, or 
5 deposit of currency. The confirmation data may itself be 
encrypted if desired; if so, the SST 12 will request the 
remote operator 14 to encrypt the confirmation using the 
user's encryption key. Only the authorised user 16 will 
therefore be able to read the confirmation. 
10 It will be seen from the foregoing that the present 

invention therefore enables users to authorise third 
parties to conduct transactions on their behalf at an SST 
without the requirement to reveal details of their security 
codes, and in a controllable and limited manner. 
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CLAIMS 



1. A method of conducting a transaction via a self 
service terminal (SST), the method comprising the steps of: 
5 encrypting transaction data stored in a first device, 

the data including security identification information; 

transferring the encrypted data to a device of a third 
party; 

allowing the third party to transfer the encrypted 
10 data to an SST; and 

allowing the SST to decrypt the data, verify the 
security identification information, and execute the 
transaction . 

15 2. The method of claim 1, further comprising the step 

of transferring transaction" confirmation data from the" SST 
to the third party. 

3. The method of claim 1 or claim 2, further 
20 comprising the step of including data determining which 

third party is permitted to transfer the data to the SST. 

4. A method of conducting a transaction via a self 
service terminal (SST) , the method comprising the following 

25 steps : 
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receiving on a device encrypted transaction data from 
a device of a third party, the data including security 
identification information; 

transferring the encrypted data from the receiving 
device to an SST; and 

allowing the SST to decrypt the data, verify the 
security identification information, and execute the 
transaction. 

5. A method of operating a financial service, the 
method comprising the steps of : 

providing a user with an encryption key and an 
identification token for use with a user device; 

providing a self service terminal (SST) with a 
corresponding decryption key; 

"accepting ^"encrypted "transaction data"~including" the' 
identification token from a device of a third party; 

decrypting the transaction data; 

verifying the decrypted identification token; and 
executing the requested transaction. 

6. A method of using a financial service, the method 
comprising the steps of: 

encrypting using a device transaction data and an 
ide ntification token with an encryption k ey ; and 

presenting the encrypted data to a financial service 
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operator via a device of a third party. 

7. A method of purchasing goods or services, the 
method comprising the steps of: 



the data including security identification information; 

transferring the encrypted data to a device of a third 
party; 

allowing the third party to transfer the encrypted 
10 data to a merchant or service provider; and 

allowing the merchant or service provider to decrypt 
the data, verify the security identification information, 
and execute the transaction. 



5 



encrypting transaction data stored in a first device, 
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ABS TRACT 

METHOD OF CONDUCTING TRANSACTIONS 

5 A method is provided of authorising third parties to 
conduct financial transactions via an ATM (12) . A user (16) 
firstly encrypts details of a transaction to be performed 
on a personal digital assistant (PDA) or similar device, 
and then transfers the encrypted data to a third party 

10 device (18) . The third party lacks the decryption key, and 
is unable to access the transaction details or details of 
the user's account. The third party then accesses an ATM 
(12) and transfers the encrypted data to the ATM. The ATM 
operator (14) is able to decrypt the data, and performs the 

15 transaction. The transaction may include data limiting its 
performance to specific time periods, location, or 
repetitions . 
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